Skip to content

Commit

Permalink
feat(App): override snakeyaml dependency version
Browse files Browse the repository at this point in the history
- Forced usage of snakeyaml 2.0 mitigates security issue CVE-2022-1471
  • Loading branch information
nicoprow committed Mar 17, 2023
1 parent a247558 commit b583d94
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,12 @@
<artifactId>kotlin-logging-jvm</artifactId>
<version>${kotlinlogging.version}</version>
</dependency>
<!-- Override snakeyaml version used by transitive dependencies due to security issue -->
<dependency>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>com.github.tomakehurst</groupId>
<artifactId>wiremock-jre8-standalone</artifactId>
Expand Down

0 comments on commit b583d94

Please sign in to comment.